Serosoft Solutions Academia SIS EagleR Incorrect Access Control Vulnerability Allowing User Account Modification

Vulnerability

A vulnerability exists in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR version 1.0.118, due to incorrect access control in the staff resource endpoint for finding users across the organization. This flaw allows unauthorized creation and modification of user accounts, including those of administrators.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in user account details, potentially allowing for elevated privileges if an administrator account is modified.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.